Problem with SNI / VHost Config

Hi there,
we have a small server running ISPConfig 3.0.5.4p8 on Ubuntu 14.04.3 LTS using Apache 2.4.7. We do have several Sites configured and want to use SSL on each of these sites. I have configured SSL and it works for one vHost. The vHost has a configured IP v4 Adress (and not * ) but somehow the generated vhost File will point to * again. I have deleted the vhost config and had it reconfigured. The output from apache2ctl -S:

SNI works for * and IP, so there is no need to select an Ip if all sites use * on your server. Beside that, you can not mix * and IP for websites that point to the same IP address in DNS on an apache web server as an IP is always a stronger match than a wildcard * and all traffic for the sites that have * selected will go to the site that has the Ip assigned then.

In case that ISPConfig is not able to write changes to disk, then see here:

Hi,
thanks for the Reply. Some older threads recommended to set the IP and not *. It does not work with * as IP Adress (wich I have confirmed right now). I had all my sited pointed to the IP but the vhost from Owncloud would set * anyways. Now I set all vHosts to * and the Problem is still the same.

ISPConfig can write to disk, if I delete the vhost config for Owncloud it will be recreated with the same settings.

I don't see how this will help - we are using a wildcard Certificate and it works quiet well on other servers. This here seems to me to be an Apache Config error (and Apache is configured through ISPConfig, I guess because I did configure it wrong). Or am I missing something?

well, with LE integration to ISPC you can for each vhost create an own cert. It's too bad that LE doesn't support wildcard certs this far. But if everything is automated there's not so much need usually.

I don't see how this will help - we are using a wildcard Certificate and it works quiet well on other servers. This here seems to me to be an Apache Config error (and Apache is configured through ISPConfig, I guess because I did configure it wrong). Or am I missing something?

Thanks in advance,
Jonas

Click to expand...

It does not matter if you use a wildcard cert or not, just enable ssl for the websites and paste the ssl cert, key and intermediate ssl cert into the appropriate fields on the ssl tab. SSL works fine with * and also with IP when you have multiple SSL websites, I run quite a few live servers that use both setups for years now.

It does not matter if you use a wildcard cert or not, just enable ssl for the websites and paste the ssl cert, key and intermediate ssl cert into the appropriate fields on the ssl tab. SSL works fine with * and also with IP when you have multiple SSL websites, I run quite a few live servers that use both setups for years now.

Click to expand...

That is exactly what I did but it does not work. I'm quiet at a loss and will look into it again beginning next year. If someone does have a suggestion what to test then I'll be happy for everything.